@msamblanet:

OK - thanks - I have a better sense where things are going now…as you have seen in my other email, I took the first pass option of forcing users to enable the cachemgr so you have to choose to accept the risk...

If I ever find enough free time I am qualified to write the module you propose - but time is always the trick...my hat is off to you - I don't know how you (and many other good OpenSource authors) find the time to do this...

An option I was toying with overnight was how one could make a PHP wrapper so that the cgi was kept outside the web directory and content was in an iframe or similar with the PHP wrapper handlng security - would even allow us to keep the pfsense menus on the screen :)  ...unfort my PHP is pretty weak (I'm just an old Asm/C/C++ dev turned Java in the current day/age) - so I don't know how hard doing the CGI calls from PHP would be...can't imagine it's too bad but caveat coder

Hmmm…that's actually not a half bad idea.  I dunno about an iframe, but we could probably allow auth.inc to do it's job and use passthru() or something to run a cgi.  I'll have to think about that a bit.

--Bill

Ok, thks
Success to you in work

Ntop has all sorts of problems.  No one is currently looking after the package as far as I know so they probably won't get fixed.  But I think something better is getting added to 1.1 anyway, maybe maybe not.

Thanks, fixed.

Thanks for the reminder, I have been meaning to do this for a while, http://cvstrac.pfsense.com/chngview?cn=11517

There is also something else before this should work, You will need to create a pass rule for access to webgui and ssh after the block rule. Then disable anitlockout in System -> Advance, then it should work. It should also work for traffic shaper rules for squid.

Fernando Lemos
"Fernando Lemos" <fernando_at_netfilter.com.br>,</fernando_at_netfilter.com.br>

Any hints, hoba?

It is, but you have to change the squid.conf manualy until the bug ticket is solved.

This has been asked 1,000 times, please search.

running latest and greatest. I guess it was me being impatient. I thought it wouldn't take as long, I finally was poking through the command prompt and it takes at least a minute of better to load with amount of traffic on it.

thanks.

is this correct for using opt1 as bridge for lan interface (portforwarding for opt1 3128->80)?

@rexster:

just installed squid on pfsense beta2.

it works fine right after it's installed.

but when i start configure things from the gui,
it gives me error just like the one in my post before this.

why the options in the gui is not same with default installed squid.conf ??

tia
rex

Bugs.  Squids maintainer seems to be MIA so we are trying to mop up the issues as they arise but I am pretty burned out on the situation.

Patches accepted.

Thanks Myntric
just register for this post ^^

using Squid as the proxy

Its broken. When time permits I'll probably take a look at it to see if I can sort that out, provided no-one is already working on it.
I'd get a chance to try out Scott's flashy CoreGUI.  ;D

I would if I knew what I was doing,  sadly I don't.  I was just looking for some confirmation.  Which I have gotten by the lack of posts :).

Create a portforward at firewall>nat, portforward tab. choose LAN or OPTx interface instead of WAN, depending at which interface your clients are coming from.

Patches accepted.

You also have OpenVPN.

Sorry, I don't follow.  Can you explain what you mean?

Bravo!  Thats awesome!

Ok I finally got around to installing the squid package but im having a bit of trouble getting it to work. I set it up for "transparent mode" but get an "access denied" output. Am I missing something? I was under the impression that no other configuration was needed when using squid in "transparent mode".

Feb 28 09:23:53 squid[68134]: Exiting due to repeated, frequent failures
Feb 28 09:23:53 squid[68134]: Squid Parent: child process 68525 exited with status 1
Feb 28 09:23:53 squid[68134]: Squid Parent: child process 68525 started
Feb 28 09:23:50 squid[68134]: Squid Parent: child process 68523 exited with status 1
Feb 28 09:23:50 squid[68134]: Squid Parent: child process 68523 started
Feb 28 09:23:47 squid[68134]: Squid Parent: child process 68521 exited with status 1
Feb 28 09:23:47 squid[68134]: Squid Parent: child process 68521 started
Feb 28 09:23:44 squid[68134]: Squid Parent: child process 68519 exited with status 1
Feb 28 09:23:44 squid[68134]: Squid Parent: child process 68519 started
Feb 28 09:23:41 squid[68134]: Squid Parent: child process 68517 exited with status 1
Feb 28 09:23:41 squid[68134]: Squid Parent: child process 68517 started
Feb 28 09:23:38 squid[68504]: Squid Parent: child process 68507 started
Feb 28 09:23:38 squid[68134]: Squid Parent: child process 68137 exited due to signal 15
Feb 28 09:22:22 squid[67784]: Exiting due to repeated, frequent failures
Feb 28 09:22:22 squid[67784]: Squid Parent: child process 68320 exited with status 1
Feb 28 09:22:22 squid[67784]: Squid Parent: child process 68320 started
Feb 28 09:22:19 squid[67784]: Squid Parent: child process 68281 exited with status 1
Feb 28 09:22:19 squid[67784]: Squid Parent: child process 68281 started
Feb 28 09:22:16 squid[67784]: Squid Parent: child process 68165 exited with status 1
Feb 28 09:22:16 squid[67784]: Squid Parent: child process 68165 started
Feb 28 09:22:13 squid[67784]: Squid Parent: child process 68163 exited with status 1
Feb 28 09:22:13 squid[67784]: Squid Parent: child process 68163 started
Feb 28 09:22:10 squid[67784]: Squid Parent: child process 68161 exited with status 1
Feb 28 09:22:10 squid[67784]: Squid Parent: child process 68161 started
Feb 28 09:22:07 squid[68134]: Squid Parent: child process 68137 started
Feb 28 09:22:07 squid[67784]: Squid Parent: child process 67984 exited due to signal 15
Feb 28 09:21:25 squid[67784]: Squid Parent: child process 67984 started
Feb 28 09:21:22 squid[67784]: Squid Parent: child process 67787 exited due to signal 15
Feb 28 09:21:00 squid[67784]: Squid Parent: child process 67787 started
Feb 28 09:20:51 squid[67373]: Squid Parent: child process 67376 exited with status 0
Feb 28 09:17:47 squid[67030]: Exiting due to repeated, frequent failures
Feb 28 09:17:47 squid[67030]: Squid Parent: child process 67394 exited with status 1
Feb 28 09:17:47 squid[67030]: Squid Parent: child process 67394 started
Feb 28 09:17:44 squid[67030]: Squid Parent: child process 67392 exited with status 1
Feb 28 09:17:43 squid[67030]: Squid Parent: child process 67392 started
Feb 28 09:17:40 squid[67030]: Squid Parent: child process 67390 exited with status 1
Feb 28 09:17:39 squid[67030]: Squid Parent: child process 67390 started
Feb 28 09:17:36 squid[67030]: Squid Parent: child process 67388 exited with status 1
Feb 28 09:17:35 squid[67030]: Squid Parent: child process 67388 started
Feb 28 09:17:32 squid[67030]: Squid Parent: child process 67386 exited with status 1
Feb 28 09:17:31 squid[67030]: Squid Parent: child process 67386 started
Feb 28 09:17:28 squid[67373]: Squid Parent: child process 67376 started
Feb 28 09:17:28 squid[67030]: Squid Parent: child process 67033 exited due to signal 15
Feb 28 09:15:59 squid[67030]: Squid Parent: child process 67033 started
Feb 28 09:15:43 squid[66701]: Squid Parent: child process 66704 exited with status 0
Feb 28 09:13:42 squid[66701]: Squid Parent: child process 66704 started
Feb 28 09:11:49 squid[65989]: Squid Parent: child process 65992 exited with status 0
Feb 28 09:10:01 squid[65989]: Squid Parent: child process 65992 started
Feb 28 09:10:00 squid[65849]: Squid Parent: child process 65852 exited with status 0
Feb 28 09:09:34 squid[65849]: Squid Parent: child process 65852 started

This is box number 2.  Box number 1 is the unit that I am unable to install spamd on.

thank scott, http://www.pfsense.com/~sullrich/1.0-BETA1-TESTING-SNAPSHOT-2-8-06/ is ok, installing packages work  ;)

Not at the moment.  This will be addressed in 1.1.

Thanks submicron for your help  ;) I can't speek English, I speek only Russian, that's why it's wery difficult to me to explain my needs  :)

Remove & rerun don't fit it. There is still the same problem.

But there is another problem to:
The CPU-usage is permanently on 100%. After reboot the system the usage is normaly (3-5%), but if the system run around a half hour the usage goes up to 100%. On the shell I have run "top" and I have seen that php needs a lot of CPU-power…

So long
Henry

I guess that was some kind of memory overuse then somehow. Please report back if that really fixed the issue.

@sullrich:

This REALLY is not a priority for us.    Atleast it isn't for me.

Yes I know that this is not a priority for the pfSense team… No problem...

I ask only why I can't download mySQL serve package....

Yeah, before we removed keyboard from the embedded image the Soekris' boxes booted fine.  This is a WRAP bios limitation.  What's more interesting is a PC based CF image with video/keyboard enabled.  It's unlikely that'll show up anytime soon, but it's more likely than a specialized WRAP only version.

–Bill

@cmb:

just posted.
http://forum.pfsense.org/index.php?topic=485.0

will this become a package?  I don't know, possibly in the future.  We're not putting a lot of focus on packages right now, and this will take a little work.  Maybe we can see this as a package sometime before 1.1 is released.

Thank you!!

I'll start to test asap!
I'll let you know if I'll have any problems…

The package manager will parse that out and automatically create a startup script in /usr/local/etc/rc.d

Ok thanks again Scott, I'll be looking for it!  :)

No, I meant have you tried it on pfSense.  It exists if you know how to enable it.

weird…
my pfsense beta2 shows ntop Installed: 3.81
???

ok thanks hoba, thas wjhat i neede…
as to the freeradius, it doent need to write anything to itself if it works w/ SQL. Well it writes the temp file that contains the list of connected users, but if you disable it the server will still work... anyway that file is duplicated in acccounting table... so ill see if I get anything working and I let you know how it goes

THANKS!

Even if you could do this, the code will not handle it ATM.

Sorry but there is no real easy way to do this ATM.

here is what i dit to get freeradius working on pfsense beta 1 iso

login  on the consul or by ssh on the shell
give these comands

cd /usr/local/etc/raddb ls *.sample

you see now a list of files witch had to bechanched to te same name without the .sample

mv acct_users.sample acct_users mv clients.conf.sample clients.conf

do this for all the files
now the last step

ee radiusd.conf

look for

pidfile =

chance it to

pidfile = /var/run/radiusd.pid

press Ctrl and c
type in exit
now exit agian
when you reboot pfsense
you will see freeradius is now started
and can be used